A high-severity flaw in MongoDB instances could allow unauthenticated remote bad actors to leak sensitive data from MongoDB servers. Dubbed "MongoBleed," the security flaw is being exploited in the ...

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited ...

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

A newly disclosed security flaw in MongoDB leading to the exposure of over 87,000 potentially vulnerable servers on the ...

Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who ...

Weirdly, a public exploit and technical details are available online, showing how attackers can trigger the vulnerability and remotely extract secrets, credentials, and other sensitive data.

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...

A critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion. On March 31, the Shadowserver Foundation reported that exploitation activity was ...

A critical flaw in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload. The vulnerability, tracked as ...

While unpatched instances were reduced to half within a month, a huge number of them remain vulnerable even as attackers exploit the flaw in the wild for critical RCE attacks. Businesses around the ...